You are here

[Seminar] Automatic intrusion recovery with system-wide history

Title: 
Assistant Professor
Affiliation: 
Georgia Institute of Technology
Host: 
CSE
Date: 
Tuesday, July 7th 2015, 10:30am
Location: 
302-308

■ 호스트: 전병곤 교수(x1928, 02-880-1928)

Summary

Virtually any computer system can be compromised. New software vulnerabilities are discovered and exploited daily, but even if the software is bug-free, administrators may inadvertently make mistakes in configuring permissions, or unaware users may click on buttons in application installers with little understanding of its consequences. Recovering from those inevitable compromises leads to days and weeks of wasted effort by users or system administrators, yet with no conclusive guarantee that all traces of the attack have been cleaned up. This talk will present our work on automatic intrusion recovery, which aims to restore system integrity by efficiently and precisely detecting and undoing changes made by past intrusions.

Speaker Bio

Taesoo Kim is an Assistant Professor in Computer Science at Georgia Tech, where he recently joined after finishing his Ph.D. at MIT. He is interested in building a system that has underline principles for why it should be secure. Those principles include the design of a system, analysis of its implementation, and clear separation of trusted components. His thesis work, in particular,focused on detecting and recovering from attacks on computer systems. He has developed tools that would detect intrusion and discover which parts of the operating system could have been affected, allowing a systems administrator to recover from an attack without excessive manual effort. His thesis work has been a foundation of a company, Nerati, where he has co-founded with colleagues during his graduate study. He holds a BS from KAIST (2009), a SM (2011) and a Ph.D. (2014) from MIT, all in CS.